{"id":11924,"date":"2024-03-25T10:01:58","date_gmt":"2024-03-25T08:01:58","guid":{"rendered":"https:\/\/forklog.com\/en\/paraswap-to-reimburse-users-following-vulnerability-discovery\/"},"modified":"2024-03-25T10:01:58","modified_gmt":"2024-03-25T08:01:58","slug":"paraswap-to-reimburse-users-following-vulnerability-discovery","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/paraswap-to-reimburse-users-following-vulnerability-discovery\/","title":{"rendered":"ParaSwap to Reimburse Users Following Vulnerability Discovery"},"content":{"rendered":"<p>The decentralized exchange liquidity aggregator ParaSwap has commenced the process of reimbursing users after addressing a critical vulnerability in its newly launched smart contract, Augustus v6.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">White hack recovery update: Assets have been returned to wallets which have revoked their permissions <\/p>\n<p>If your wallet had assets transferred to 0x66e90d840d7c4f3473e25dd8ca361747058c6db0 and have not received them yet, your wallet is still vulnerable, PLEASE REVOKE ALL RELEVANT\u2026 <a href=\"https:\/\/t.co\/zraj3tSFNe\">https:\/\/t.co\/zraj3tSFNe<\/a><\/p>\n<p>\u2014 ParaSwap (@paraswap) <a href=\"https:\/\/twitter.com\/paraswap\/status\/1771964824542441528?ref_src=twsrc%5Etfw\">March 24, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to the platform, 213 addresses have yet to revoke permissions.<\/p>\n<p>On March 20, the ParaSwap team announced that they had discovered a vulnerability in the smart contract but responded promptly to the incident.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\u26a0\ufe0f We discovered a critical vulnerability affecting users who approved the Augustus V6 contract.<\/p>\n<p>We took immediate action by pausing the V6 API and conducting a white hack that secured funds for users who were at risk. These funds are now securely held in a Safe Wallet\u2026<\/p>\n<p>\u2014 ParaSwap (@paraswap) <a href=\"https:\/\/twitter.com\/paraswap\/status\/1770313086072742263?ref_src=twsrc%5Etfw\">March 20, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWe took immediate action by pausing the V6 API and conducting a white hack that secured funds for users who were at risk. These funds are now securely held in a safe wallet,\u201d stated representatives of the liquidity aggregator.<\/p>\n<\/blockquote>\n<p>ParaSwap <a href=\"https:\/\/paraswap.notion.site\/V6-vulnerability-on-chain-messaging-89d2af5234a146f2908f4be2c5b2edb2\">reported<\/a> collaborating with law enforcement agencies. The project team added that they initiated contact to identify hacker addresses, urging the return of stolen funds.<\/p>\n<p>If the hacker does not respond by March 27, ParaSwap will \u201cuse all criminal, legal, and administrative means\u201d to recover the assets.<\/p>\n<p>The damage was not substantial due to the developers&#8217; swift response, with several users collectively losing about $24,000.<\/p>\n<p>Experts at Immunefi estimated the damage to cryptocurrency projects from hacks and scams in February at $67 million.<\/p>\n<p>In March, the DeFi protocol Mozaic Finance lost $2 million in a hacking attack.<\/p>\n<p>The decentralized exchange WOOFi reported a theft of $8.75 million following an exploit of its swap service in the Arbitrum L2 network.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The decentralized exchange liquidity aggregator ParaSwap has commenced the process of reimbursing users after addressing a critical vulnerability in its newly launched smart contract, Augustus v6. White hack recovery update: Assets have been returned to wallets which have revoked their permissions If your wallet had assets transferred to 0x66e90d840d7c4f3473e25dd8ca361747058c6db0 and have not received them yet, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11923,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1459],"class_list":["post-11924","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-paraswap"],"aioseo_notices":[],"amp_enabled":true,"views":"54","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/11924","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=11924"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/11924\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/11923"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=11924"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=11924"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=11924"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}